PRIVACY & COOKIES

1. About us

This website is operated by Devine Flowers (referred to in this privacy policy as "Devine Flowers, "we", "us" and "our"). We are the data controller of any information you provide to us in the course of using our Services.

Devine Flowers is a company registered in England and Wales with its registered office at 12 Cullen Way, London, NW10 6JZ. You can contact us at this address, or by emailing shop@devineflowers.co.uk.

2. What personal data do we collect?

'Personal data' means any data which can be associated with you as an individual, either directly or indirectly. We collect different information depending on how you use the Services and how you interact with us.

Usage data, which includes information about how you use our Services (including your delivery instructions, order/shopping history, search criteria, preferences, website activity, and if you have attended any of our events).

Technical data, such as the device you are using to access our website, your unique device ID, your internet protocol (IP), browser type and version, time zone and location, display settings, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access our website .

Marketing and communications data, including any communications we may receive from you, and your preferences in receiving notifications, marketing and other communications from us.

We also collect certain information relating to your payments and transactions via our website. This does not include your payment card details, which you provide direct to our payment processors. (For more information, please see Section 6 ('How do we share your personal information?') below.) We do not collect or store payment card details.

Our Services are not intended for collecting or transmitting 'special categories' of personal data, such as details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership or health information. We do not collect data about actual or alleged criminal offences.

3. How do we collect personal data from you?

a) Personal data you provide to us

We collect personal data from you when you create an account with us , place an order, register for a subscription, interact with us in any other way (such as via email, post, telephone or social media), or provide a testimonial.

We may record or monitor calls that you receive from us or make to us. We do this for security and training purposes and to improve the service we provide to you.

b) Personal data we collect as you use our Services

We collect your technical and usage data, as described above, as you use our Services. Some of this data is collected using cookies, beacons and similar technologies.

A cookie is a small file which asks permission to be placed on your computer's hard drive. Once you agree, the file is added, and the cookie helps analyse web traffic or lets you know when you visit a particular site. Cookies allow web applications to respond to you as an individual. The web application can tailor its operations to your needs, likes and dislikes by gathering and remembering information about your preferences.

For full information about the cookies we use, please see Section 13 ('Cookies') below.

c) Data we obtain from third parties

We also receive personal data from our selected our selected partners, but only when you have given your explicit consent to this.

4. How and why we use your personal data

We will only use your information where:

a) We need the information to fulfil our contract with you.

If we have entered into a contract to provide you with our Services (for example, if you have placed an order, signed up for a subscription, or registered to attend one of our events), we will need your personal data in order to do so. The personal data that we use will depend on the service(s) we have agreed. For example:

We will use your identity and contact details so that we can communicate with you about the Services we provide, to facilitate providing any Services you have requested (for example, to create an online account, make a delivery, or sign you up to an event), and to respond to any requests, queries, issues or concerns you may have.

We will use your technical information to ensure that our Services display and function correctly on your device.

We (and our service providers) will need your payment information to facilitate any payments you authorise. For further information about this, please see Section 6 ('How we share your data') below.

b) We have a legitimate interest (reasonable business purpose) in doing so.

We will use your information for our legitimate business reasons where our doing so will not unduly affect your rights.

We will use your identity, contact, usage and marketing information to keep our records up to date.

We will use your usage and technical information to:

provide and make improvements to our Services, system maintenance, support, reporting and hosting of data, and troubleshooting;

optimise the performance of our website;

ensure that our Services are secure;

analyse how users interact with our Services; and

develop new products and services.

We may also use any or all of the information above to administer and manage our business in general, to detect and prevent misuse of our Services, and to enforce our Terms and Conditions or any other contract to which we may be a party. If you feel that your interests and fundamental rights outweigh our business purposes, and that we should therefore stop processing your data, please let us know.

c) You have given us your consent.

If you sign up to our mailing lists, we will send you updates and marketing information that you have consented to receive. You may opt out of receiving any, or all, of these communications from us by following the unsubscribe link or instructions provided in any email we send, or by emailing us at shop@devineflowers.co.uk.

If you have accepted the cookies on our website, we will use this information for remarketing and behavioural targeting services, and also to personalise your experience of our website and online services. For full information about the cookies we use, please see Section 13 ('Cookies') below.

d) We need to comply with a legal or regulatory obligation.

In certain circumstances, we may need to retain or use your personal data to comply with regulations and/or the law.

5. Children

Our Services are not intended to be used by children under the age of 18 years, and we do not knowingly collect children's personal data.

6. How do we share your personal information?

We will share your data:

a) With our trusted third party service providers

These include:

Our approved delivery drivers and couriers, as necessary to fulfil any orders you may have placed.

We share certain information with our information technology providers, such as website and mailing list hosts.

If you wish to attend one of our events, we may need to disclose your identity information to our venue or co-host (as applicable) for admissions purposes.

We may also share data with analysts, consultants and other professional advisors whom we retain for advice in respect of our business operations.

If you have accepted cookies, we will share certain information with Google Analytics. For further information, please see Section 13 ('Cookies') below.

We will only disclose your data to third party service providers under terms of confidentiality, and they will only use your personal data for the purposes stated in this policy.

As noted above, we do not share your payment information with our payment processors - instead, you provide it to them direct. We use Stripe and PayPal. For information about how they use your personal data, please see their privacy notices at https://stripe.com/gb/privacy and https://www.paypal.com/uk/webapps/mpp/ua/privacy-prev. The only exception to this is if we suspect that your account is being misused, in which case we may discuss certain aspects of your transaction history and/or identity details with our payment processors.

b) If you choose to share it via social media

If you choose to interact with us on a public forum, such as social media, our communications may be visible to other users of the platform.

Your personal data may be disclosed or transferred to potential or actual buyers of, investors into or lenders to our business or any of our assets, or any of the advisors or representatives of the above. If so, we will ensure that appropriate confidentiality terms are in place.

On rare occasions, we may share personal data when we believe it is necessary to comply with the law, regulation or legal request (including a court order or government inquiry); to enforce or apply our terms of use or other agreements; in the context of a company reorganisation or restructuring exercise; or to protect the rights, property, or safety of Devine Flowers, our personnel, our users, or others.

7. International transfers

Our website is hosted on servers located in the European Union. We do not transfer your personal data outside of the EU.

8. How do we keep your information secure?

We are committed to ensuring that your information is secure in order to prevent unauthorised access or disclosure, and we have put in place appropriate physical, electronic and managerial procedures to safeguard and secure your information.

However no transmission of information via the Internet or electronic storage is ever completely secure. Although we take appropriate measures to safeguard against unauthorised disclosures of information, we cannot guarantee the security of your data.

9. How long we keep personal data

We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.

To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.

10. Third party links

Our website, or other online services, may contain links to third party sites whose information practices may be different than ours. Please consult all third party sites' privacy notices, as we have no control over information that is submitted to, or collected by, third parties.

11. Your rights

You have the right to:

require us to rectify the personal data we hold about you, where that data is incorrect;

require that we restrict the processing of your personal information in certain circumstances;

request access to the personal data that we hold about you;

require that, in certain circumstances, we delete the personal information we hold about you;

require that we provide you with the information that we hold about you in a structured, commonly used and machine-readable format; and/or

withdraw your consent to our using your data for marketing purposes at any time.

You also have the right to lodge a complaint with the Information Commissioner’s Office, which is the UK supervisory authority for data protection issues (www.ico.org.uk). We would, however, be grateful if you would contact us in the first instance so we can endeavour to deal with your concerns direct.

If you wish to exercise any of these rights, please contact us at shop@devineflowers.co.uk.

To protect your privacy and security, we will take reasonable steps to help verify your identity before granting access or making corrections.

12. Changes to this policy or your data

We may amend or modify this privacy notice from time to time. We will post any revised notice on this website, and if the changes are significant, we will notify our members by email.

It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us.

This privacy statement was last updated on 16th March 2019.

13. Cookies

How we use cookies

We use traffic log cookies to identify which pages are being used. This helps us to analyse data about web page traffic and improve our website in order to tailor it to our customers' needs.

Overall, cookies help us provide you with a better website, by enabling us to remember settings so that you don’t have to keep re-entering them whenever you visit a new page; monitoring which pages you find useful and which you do not; displaying information on a website in a way that matches your interests; and remembering key information such as your postcode so that you do not have to enter it repeatedly.

A cookie in no way gives us access to your computer or any information about you, other than the data you choose to share with us. You can choose to accept or decline cookies. Most major websites use cookies and most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. However, this may prevent you from taking full advantage of our website, and may mean that you are unable to create an account or place an online order with us.

To learn more about cookies and how to manage them, visit AboutCookies.org.

Our website is built on the Shopify platform and their Cookie policy can be viewed here https://www.shopify.co.uk/legal/cookies.